IT Lessons Learned from the Capitol Breach

The breach of the U.S. Capitol building this week was abhorrent. Participants should be held accountable. This is not how we solve our differences or push for political change in America, and I hope we never have an incident like this again in our country.

Much of the focus has been on the physical destruction and intrusion. Windows and doors were broken; artifacts were stolen or defaced; those locked inside with the terror of not knowing the goals or intentions of the intruders.

The aspect of the event receiving far less attention is the cyber threat. Hundreds of computers, servers, and networked devices were left unattended for hours with unsupervised and unverified strangers wandering the hallways. Is it possible that a computer hacker was among the mob who entered the building, not with the goal of sitting in a congressman’s office or knocking over a podium, but rather injecting a computer with spyware or a keylogger? Planting a listening device, or copying/downloading files from an unlocked terminal?

This is a valid concern. The event was planned and promoted well in advance, giving someone with bad intentions plenty of time to prepare one or more methods of cyberattack. It would have been extremely easy to blend in with the crowd. There was no pat-down or security scanner to walk through, no escorts, no guards.

The one bright spot is the fact the Capitol has every entrance, hallway and corner covered with security cameras. While I don’t know this for certain, I will bet that facial recognition technology is in place to log and identify all visitors to the building. This controversial technology will assist law enforcement efforts to track down all of the offenders, and possibly identify any surreptitious efforts to conduct cyber-espionage.

It would be completely irresponsible to ignore this threat. If a corporate office was overrun by unknown visitors with bad intentions, the CIO would absolutely begin to quarantine potentially impacted systems and begin scanning for threats.

The process is remarkably similar to COVID-19 protocols. If you might be infected, you are quarantined, and contact tracing is performed to identify anyone else you had contact with. Capitol IT and security professionals should be doing the same right now, and only allowing endpoints back onto the network when deemed safe.

The speed at which congressional lawmakers returned to the Capitol was symbolically important and laudable, but it also raises serious concerns. There is no conceivable way that computers, networks and endpoints were adequately scanned and scrubbed in the time between the hallways being cleared and the lawmakers returning to work. It would also be hard to believe that the entire building was inspected for listening devices or cameras in that time.

Nothing about this breach was positive and only time will tell what the fallout and implications of the event might be. We are still coming to grips with the so-called Sunburst hack involving SolarWinds and 18,000 of their customers. Events at the Capitol this week could be just as devastating if by chance someone in that mob had the intent and means to pull something off, because they definitely had access and time to do it.

We have the brightest minds and most innovative cybersecurity companies and organizations in the world here in the United States. The government needs to re-prioritize cybersecurity and invest more heavily in our cyber defenses. The wars of today and tomorrow will be in cyberspace and we seemed to still be focused on the physical battlefield. It is encouraging to know that President-Elect Joe Biden has plans to elevate a cybersecurity expert to his National Security Council, a position that President Trump eliminated in 2018.

We cannot undo what happened at the Capitol this week, but we must take immediate measures to limit the potential cyber damage from that event and we must improve the physical security to make future intrusions much more difficult. The loss of life and the trampling of our Constitution was enough to be filled with sorrow and sadness for where we are as a nation right now. Better days lie ahead.

About the Author

Josh Bohls is the founder of Inkscreen.

Featured

  • Accelerating a Pathway

    There is a new trend touting the transformational qualities of AI’s ability to deliver actionable data and predictive analysis that in many instances, seems to be a bit of an overpromise. The reality is that very few solutions in the cyber-physical security (CPS) space live up to this high expectation with the one exception being the new generation of Physical Identity and Access Management (PIAM) software – herein recategorized as PIAM+. Read Now

  • Protecting Your Zones

    It is game day. You can feel the crowd’s energy. In the parking lot. At the gate. In the stadium. On the concourse. Fans are eager to party. Food and merchandise vendors ready themselves for the rush. Read Now

  • Street Smarts

    The ongoing acceptance of AI and advanced data analytics has allowed surveillance camera technology to shift from being a tactical tool to a strategic business solution. Combining traditional surveillance technology with AI-based data-driven insights can streamline transportation systems, enhance traffic management, improve situational awareness, optimize resource allocation and streamline emergency response procedures. Read Now

  • The Progress of Biometrics

  • Next-Gen AI for Smart Cities

    The future of smart city technology is not being shaped in Silicon Valley — it is taking root in Dubuque, Iowa. With a population of about 60,000, this mid-sized city has become a live testbed for AI-driven traffic management thanks to a unique public-private collaboration led by Milestone Systems. Project Hafnia demonstrates how cities can transform urban mobility and safety through Responsible Technology—without costly infrastructure overhauls. Read Now

New Products

  • FEP GameChanger

    FEP GameChanger

    Paige Datacom Solutions Introduces Important and Innovative Cabling Products GameChanger Cable, a proven and patented solution that significantly exceeds the reach of traditional category cable will now have a FEP/FEP construction.

  • A8V MIND

    A8V MIND

    Hexagon’s Geosystems presents a portable version of its Accur8vision detection system. A rugged all-in-one solution, the A8V MIND (Mobile Intrusion Detection) is designed to provide flexible protection of critical outdoor infrastructure and objects. Hexagon’s Accur8vision is a volumetric detection system that employs LiDAR technology to safeguard entire areas. Whenever it detects movement in a specified zone, it automatically differentiates a threat from a nonthreat, and immediately notifies security staff if necessary. Person detection is carried out within a radius of 80 meters from this device. Connected remotely via a portable computer device, it enables remote surveillance and does not depend on security staff patrolling the area.

  • Automatic Systems V07

    Automatic Systems V07

    Automatic Systems, an industry-leading manufacturer of pedestrian and vehicle secure entrance control access systems, is pleased to announce the release of its groundbreaking V07 software. The V07 software update is designed specifically to address cybersecurity concerns and will ensure the integrity and confidentiality of Automatic Systems applications. With the new V07 software, updates will be delivered by means of an encrypted file.